ZAP Scanning Report

Generated on Tue, 11 Jun 2024 10:43:35

ZAP Version: 2.14.0

Summary of Alerts

Risk Level Number of Alerts
High
2
Medium
5
Low
4
Informational
4

Alerts

Name Risk Level Number of Instances
Cloud Metadata Potentially Exposed High 1
SQL Injection - SQLite High 1
Content Security Policy (CSP) Header Not Set Medium 107
Cross-Domain Misconfiguration Medium 100
Missing Anti-clickjacking Header Medium 49
Session ID in URL Rewrite Medium 190
Vulnerable JS Library Medium 1
Cross-Domain JavaScript Source File Inclusion Low 98
Private IP Disclosure Low 1
Timestamp Disclosure - Unix Low 5
X-Content-Type-Options Header Missing Low 191
Information Disclosure - Suspicious Comments Informational 4
Modern Web Application Informational 50
Retrieved from Cache Informational 42
User Agent Fuzzer Informational 155

Passing Rules

Name Rule Type Threshold Strength
Session Management Response Identified Passive MEDIUM -
Verification Request Identified Passive MEDIUM -
Insecure JSF ViewState Passive MEDIUM -
Charset Mismatch Passive MEDIUM -
Cookie No HttpOnly Flag Passive MEDIUM -
Cookie Without Secure Flag Passive MEDIUM -
Re-examine Cache-control Directives Passive MEDIUM -
Content-Type Header Missing Passive MEDIUM -
Application Error Disclosure Passive MEDIUM -
Information Disclosure - Debug Error Messages Passive MEDIUM -
Information Disclosure - Sensitive Information in URL Passive MEDIUM -
Information Disclosure - Sensitive Information in HTTP Referrer Header Passive MEDIUM -
Open Redirect Passive MEDIUM -
Cookie Poisoning Passive MEDIUM -
User Controllable Charset Passive MEDIUM -
User Controllable HTML Element Attribute (Potential XSS) Passive MEDIUM -
WSDL File Detection Passive MEDIUM -
Loosely Scoped Cookie Passive MEDIUM -
Viewstate Passive MEDIUM -
Directory Browsing Passive MEDIUM -
Heartbleed OpenSSL Vulnerability (Indicative) Passive MEDIUM -
Strict-Transport-Security Header Passive MEDIUM -
HTTP Server Response Header Passive MEDIUM -
Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) Passive MEDIUM -
X-Backend-Server Header Information Leak Passive MEDIUM -
Secure Pages Include Mixed Content Passive MEDIUM -
HTTP to HTTPS Insecure Transition in Form Post Passive MEDIUM -
HTTPS to HTTP Insecure Transition in Form Post Passive MEDIUM -
User Controllable JavaScript Event (XSS) Passive MEDIUM -
Big Redirect Detected (Potential Sensitive Information Leak) Passive MEDIUM -
X-ChromeLogger-Data (XCOLD) Header Information Leak Passive MEDIUM -
Cookie without SameSite Attribute Passive MEDIUM -
CSP Passive MEDIUM -
X-Debug-Token Information Leak Passive MEDIUM -
Username Hash Found Passive MEDIUM -
X-AspNet-Version Response Header Passive MEDIUM -
PII Disclosure Passive MEDIUM -
Script Passive Scan Rules Passive MEDIUM -
Stats Passive Scan Rule Passive MEDIUM -
Absence of Anti-CSRF Tokens Passive MEDIUM -
Hash Disclosure Passive MEDIUM -
Weak Authentication Method Passive MEDIUM -
Reverse Tabnabbing Passive MEDIUM -
Authentication Request Identified Passive MEDIUM -

Sites

http://cdnjs.cloudflare.com

HTTP Response Code Number of Responses

No Authentication Statistics Found

Parameter Name Type Flags Times Used # Values

http://83.212.109.249:3001

HTTP Response Code Number of Responses

No Authentication Statistics Found

Parameter Name Type Flags Times Used # Values
cookieconsent_status
Cookie
588
1
language
Cookie
976
1
welcomebanner_status
Cookie
556
1
EIO
URL
239
1
name
URL
98
1
q
URL
49
1
sid
URL
190
48
t
URL
191
189
transport
URL
239
2
Accept-Ranges
Header
602
1
Access-Control-Allow-Origin
Header
1372
2
Cache-Control
Header
602
1
Connection
Header
1420
3
Content-Length
Header
827
50
Content-Type
Header
831
16
Content-type
Header
1
1
Date
Header
1372
62
ETag
Header
1173
43
Feature-Policy
Header
1181
1
Keep-Alive
Header
1372
1
Last-Modified
Header
602
5
Sec-WebSocket-Accept
Header
47
47
Upgrade
Header
47
1
Vary
Header
728
2
X-Content-Type-Options
Header
1181
1
X-Frame-Options
Header
1181
1
X-Recruiting
Header
1181
1
content-length
Header
5
1

Alert Detail

High
Cloud Metadata Potentially Exposed
Description
The Cloud Metadata Attack attempts to abuse a misconfigured NGINX server in order to access the instance metadata maintained by cloud service providers such as AWS, GCP and Azure.

All of these providers provide metadata via an internal unroutable IP address '169.254.169.254' - this can be exposed by incorrectly configured NGINX servers and accessed by using this IP address in the Host header field.
URL http://83.212.109.249:3001/latest/meta-data/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter
Attack 169.254.169.254
Evidence
Other Info Based on the successful response status code cloud metadata may have been returned in the response. Check the response data to see if any cloud metadata has been returned. The meta data returned can include information that would allow an attacker to completely compromise the system.
Request Header - size: 482 bytes.
Request Body - size: 1 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
Instances 1
Solution
Do not trust any user data in NGINX configs. In this case it is probably the use of the $host variable which is set from the 'Host' header and can be controlled by an attacker.
Reference https://www.nginx.com/blog/trust-no-one-perils-of-trusting-user-input/
Tags OWASP_2021_A05
OWASP_2017_A06
CWE Id
WASC Id
Plugin Id 90034
High
SQL Injection - SQLite
Description
SQL injection may be possible.
URL http://83.212.109.249:3001/rest/products/search?q=%27%28
Method GET
Parameter q
Attack '(
Evidence SQLITE_ERROR
Other Info RDBMS [SQLite] likely, given error message regular expression [SQLITE_ERROR] matched by the HTML results. The vulnerability was detected by manipulating the parameter to cause a database error message to be returned and recognised
Request Header - size: 322 bytes.
Request Body - size: 0 bytes.
Response Header - size: 362 bytes.
Response Body - size: 309 bytes.
Instances 1
Solution
Do not trust client side input, even if there is client side validation in place.

In general, type check all data on the server side.

If the application uses JDBC, use PreparedStatement or CallableStatement, with parameters passed by '?'

If the application uses ASP, use ADO Command Objects with strong type checking and parameterized queries.

If database Stored Procedures can be used, use them.

Do *not* concatenate strings into queries in the stored procedure, or use 'exec', 'exec immediate', or equivalent functionality!

Do not create dynamic SQL queries using simple string concatenation.

Escape all data received from the client.

Apply an 'allow list' of allowed characters, or a 'deny list' of disallowed characters in user input.

Apply the principle of least privilege by using the least privileged database user possible.

In particular, avoid using the 'sa' or 'db-owner' database users. This does not eliminate SQL injection, but minimizes its impact.

Grant the minimum database access that is necessary for the application.
Reference https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
Tags OWASP_2021_A03
WSTG-v42-INPV-05
OWASP_2017_A01
CWE Id 89
WASC Id 19
Plugin Id 40018
Medium
Content Security Policy (CSP) Header Not Set
Description
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.
URL http://83.212.109.249:3001
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 238 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 280 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/ftp
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 290 bytes.
Request Body - size: 0 bytes.
Response Header - size: 338 bytes.
Response Body - size: 11,071 bytes.
URL http://83.212.109.249:3001/ftp/
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 295 bytes.
Request Body - size: 0 bytes.
Response Header - size: 338 bytes.
Response Body - size: 11,032 bytes.
URL http://83.212.109.249:3001/ftp/coupons_2013.md.bak
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 303 bytes.
Request Body - size: 0 bytes.
Response Header - size: 344 bytes.
Response Body - size: 1,936 bytes.
URL http://83.212.109.249:3001/ftp/eastere.gg
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 294 bytes.
Request Body - size: 0 bytes.
Response Header - size: 344 bytes.
Response Body - size: 1,936 bytes.
URL http://83.212.109.249:3001/ftp/encrypt.pyc
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 295 bytes.
Request Body - size: 0 bytes.
Response Header - size: 344 bytes.
Response Body - size: 1,936 bytes.
URL http://83.212.109.249:3001/ftp/package.json.bak
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 300 bytes.
Request Body - size: 0 bytes.
Response Header - size: 344 bytes.
Response Body - size: 1,936 bytes.
URL http://83.212.109.249:3001/ftp/quarantine
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 294 bytes.
Request Body - size: 0 bytes.
Response Header - size: 337 bytes.
Response Body - size: 9,592 bytes.
URL http://83.212.109.249:3001/ftp/suspicious_errors.yml
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 305 bytes.
Request Body - size: 0 bytes.
Response Header - size: 344 bytes.
Response Body - size: 1,936 bytes.
URL http://83.212.109.249:3001/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 395 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/build/routes/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 372 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/build/routes/assets/public/main.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/build/routes/assets/public/polyfills.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/build/routes/assets/public/runtime.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 377 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/build/routes/assets/public/styles.css
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 377 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/build/routes/assets/public/vendor.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 376 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/build/routes/fileServer.js:39:13
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 343 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/build/routes/fileServer.js:55:18
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 343 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/build/routes/main.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/build/routes/polyfills.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 356 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/build/routes/runtime.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 354 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/build/routes/styles.css
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 354 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/build/routes/vendor.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 433 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 404 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/main.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 412 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 417 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/runtime.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 415 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/styles.css
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 415 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/assets/public/vendor.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 414 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:280:10
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 349 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:286:9
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 357 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:328:13
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:365:14
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:376:14
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 349 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/index.js:421:3
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 357 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/layer.js:95:5
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 356 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/main.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/polyfills.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/runtime.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 386 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/styles.css
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 386 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/express/lib/router/vendor.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 385 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 419 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 392 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/main.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 398 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/polyfills.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 403 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/runtime.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 401 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/styles.css
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 401 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/serve-index/assets/public/vendor.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 400 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/serve-index/index.js:145:39
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/serve-index/main.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 371 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/serve-index/polyfills.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 376 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/serve-index/runtime.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/serve-index/styles.css
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/juice-shop/node_modules/serve-index/vendor.js
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 373 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/sitemap.xml
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 250 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=websocket&sid=XDs4qc8WdSz1SZaYAAGk
Method GET
Parameter
Attack
Evidence
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 92 bytes.
Response Body - size: 18 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jdMl&sid=dzh6GFQ-5Hjqn77bAAFi
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jdwE&sid=x-rMJgmhW5uFvkBqAAFk
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jeQH&sid=UgvLTA13bnTNStDxAAFm
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jesZ&sid=X_LjqKUekVZEUm6jAAFo
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jfMQ&sid=YVmN6z5-i-cLlfb0AAFq
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jfqr&sid=BwU6VebhjW2ZmTJLAAFs
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgbl&sid=C9pxj7667ak4ElDXAAFz
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgIp&sid=YQDCIc_vAs7s9UkwAAFu
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgLn&sid=jcmVO4dVXIT-3TOlAAFv
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgR5&sid=JEbLLwnIg3LjE956AAFw
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jgvh&sid=Fz9xG4f304vfPIFdAAF2
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jhM_&sid=ircBqSGfF6i1eh4LAAF5
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jhN2&sid=oRSDOYS87TVsdpS5AAF4
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jhre&sid=rQ8n9bKhVoMnZzVqAAF8
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jhtz&sid=6md6cZPDbOTL8kA4AAF9
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jiA-&sid=bzzlf42LCnuE8YRhAAGB
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jiaT&sid=vr_XiVG0kWUfU3miAAGE
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jiB4&sid=ICephQEqajXidCI9AAGA
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jibS&sid=LXi0b5zbD2uPF_1wAAGF
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jisi&sid=RQ3tx66nAHx-1T99AAGJ
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jitr&sid=m3ljiLDaQCNrusGbAAGK
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jiuV&sid=iTq19Prhofu3WRc6AAGI
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jivg&sid=swS8xiEhDtG-gjf9AAGL
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jj7O&sid=9Rq6Ygc2rb9B-I57AAGQ
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjAO&sid=stFuRTmj5ftbqE5DAAGS
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjrM&sid=m5eLqvGaL5jlyfljAAGX
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjvj&sid=ESW87syAJz_HNbs4AAGY
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjWO&sid=UOvZYge4fZlvJrXlAAGT
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jjXF&sid=pO5oXSpuBhvYLR5JAAGU
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkA3&sid=Q8zPnEbA7AqbE-AVAAGd
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkA6&sid=iyXeBUil7b3JLYcgAAGe
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkL1&sid=AUBufidV7Xu2iZQYAAGh
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkUx&sid=WJtHiW-DQZ1T3FzPAAGm
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkW4&sid=G6_arwirWv6zE3sVAAGj
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkWN&sid=dZrCgW1RREDXBmEcAAGl
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkx3&sid=oicUGLWQ8zqxLYu-AAGq
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jkXg&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jl3E&sid=1rzP5Fw3pWWcNjyYAAGs
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jl8n&sid=tjMMZNG7r9vtvAiGAAGu
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlco&sid=_iMS3mwcdn5jXzvoAAGz
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 1 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlh6&sid=vD9Rp6fFpQO3CrNkAAG3
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlHX&sid=IVOPNp79ybKVX9w_AAGw
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlka&sid=smjCrULOSmnglxCZAAG5
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlq7&sid=1IPVMx647gC7hjOuAAG6
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlsE&sid=FyM8yP4UNTckYf2NAAG8
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jlZK&sid=ldeeeo_dBj2F-1qzAAGy
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jmDz&sid=6irGIzq91IslKF8kAAG_
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3001/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
Instances 107
Solution
Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.
Reference https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy
https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html
http://www.w3.org/TR/CSP/
http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.html
http://www.html5rocks.com/en/tutorials/security/content-security-policy/
http://caniuse.com/#feat=contentsecuritypolicy
http://content-security-policy.com/
Tags OWASP_2021_A05
OWASP_2017_A06
CWE Id 693
WASC Id 15
Plugin Id 10038
Medium
Cross-Domain Misconfiguration
Description
Web browser data loading may be possible, due to a Cross Origin Resource Sharing (CORS) misconfiguration on the web server
URL http://83.212.109.249:3001
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 238 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 280 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3001/api/Challenges/?name=Score%20Board
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 327 bytes.
Request Body - size: 0 bytes.
Response Header - size: 386 bytes.
Response Body - size: 648 bytes.
URL http://83.212.109.249:3001/api/Quantitys/
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 388 bytes.
Response Body - size: 5,991 bytes.
URL http://83.212.109.249:3001/assets/i18n/en.json
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 312 bytes.
Request Body - size: 0 bytes.
Response Header - size: 475 bytes.
Response Body - size: 33,141 bytes.
URL http://83.212.109.249:3000/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 304 bytes.
Request Body - size: 0 bytes.
Response Header - size: 456 bytes.
Response Body - size: 15,086 bytes.
URL http://83.212.109.249:3000/assets/public/images/hackingInstructor.png
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 378 bytes.
Request Body - size: 0 bytes.
Response Header - size: 427 bytes.
Response Body - size: 824 bytes.
URL http://83.212.109.249:3000/assets/public/images/JuiceShop_Logo.png
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 324 bytes.
Request Body - size: 0 bytes.
Response Header - size: 431 bytes.
Response Body - size: 75,029 bytes.
URL http://83.212.109.249:3000/assets/public/images/products/apple_juice.jpg
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 431 bytes.
Response Body - size: 15,291 bytes.
URL http://83.212.109.249:3000/assets/public/images/products/apple_pressings.jpg
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 355 bytes.
Request Body - size: 0 bytes.
Response Header - size: 431 bytes.
Response Body - size: 29,163 bytes.
URL http://83.212.109.249:3000/assets/public/images/products/artwork2.jpg
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 348 bytes.
Request Body - size: 0 bytes.
Response Header - size: 431 bytes.
Response Body - size: 35,878 bytes.
URL http://83.212.109.249:3000/assets/public/images/products/banana_juice.jpg
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 352 bytes.
Request Body - size: 0 bytes.
Response Header - size: 431 bytes.
Response Body - size: 19,833 bytes.
URL http://83.212.109.249:3000/assets/public/images/products/carrot_juice.jpeg
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 431 bytes.
Response Body - size: 19,001 bytes.
URL http://83.212.109.249:3000/assets/public/images/products/eggfruit_juice.jpg
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 354 bytes.
Request Body - size: 0 bytes.
Response Header - size: 431 bytes.
Response Body - size: 15,072 bytes.
URL http://83.212.109.249:3000/assets/public/images/products/fan_facemask.jpg
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 352 bytes.
Request Body - size: 0 bytes.
Response Header - size: 431 bytes.
Response Body - size: 26,934 bytes.
URL http://83.212.109.249:3000/assets/public/images/products/fruit_press.jpg
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 431 bytes.
Response Body - size: 17,080 bytes.
URL http://83.212.109.249:3000/assets/public/images/products/green_smoothie.jpg
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 354 bytes.
Request Body - size: 0 bytes.
Response Header - size: 431 bytes.
Response Body - size: 15,910 bytes.
URL http://83.212.109.249:3000/assets/public/images/products/lemon_juice.jpg
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 431 bytes.
Response Body - size: 17,038 bytes.
URL http://83.212.109.249:3000/assets/public/images/products/melon_bike.jpeg
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 431 bytes.
Response Body - size: 21,524 bytes.
URL http://83.212.109.249:3000/assets/public/images/products/permafrost.jpg
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 350 bytes.
Request Body - size: 0 bytes.
Response Header - size: 432 bytes.
Response Body - size: 93,641 bytes.
URL http://83.212.109.249:3000/font-mfizz.woff
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 402 bytes.
Request Body - size: 0 bytes.
Response Header - size: 430 bytes.
Response Body - size: 40,904 bytes.
URL http://83.212.109.249:3000/ftp
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 290 bytes.
Request Body - size: 0 bytes.
Response Header - size: 338 bytes.
Response Body - size: 11,071 bytes.
URL http://83.212.109.249:3000/ftp/
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 295 bytes.
Request Body - size: 0 bytes.
Response Header - size: 338 bytes.
Response Body - size: 11,032 bytes.
URL http://83.212.109.249:3000/ftp/acquisitions.md
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 299 bytes.
Request Body - size: 0 bytes.
Response Header - size: 469 bytes.
Response Body - size: 909 bytes.
URL http://83.212.109.249:3000/ftp/announcement_encrypted.md
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 309 bytes.
Request Body - size: 0 bytes.
Response Header - size: 474 bytes.
Response Body - size: 369,237 bytes.
URL http://83.212.109.249:3000/ftp/coupons_2013.md.bak
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 303 bytes.
Request Body - size: 0 bytes.
Response Header - size: 344 bytes.
Response Body - size: 1,936 bytes.
URL http://83.212.109.249:3000/ftp/eastere.gg
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 294 bytes.
Request Body - size: 0 bytes.
Response Header - size: 344 bytes.
Response Body - size: 1,936 bytes.
URL http://83.212.109.249:3000/ftp/encrypt.pyc
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 295 bytes.
Request Body - size: 0 bytes.
Response Header - size: 344 bytes.
Response Body - size: 1,936 bytes.
URL http://83.212.109.249:3000/ftp/incident-support.kdbx
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 305 bytes.
Request Body - size: 0 bytes.
Response Header - size: 443 bytes.
Response Body - size: 3,246 bytes.
URL http://83.212.109.249:3000/ftp/legal.md
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 292 bytes.
Request Body - size: 0 bytes.
Response Header - size: 470 bytes.
Response Body - size: 3,047 bytes.
URL http://83.212.109.249:3000/ftp/package.json.bak
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 300 bytes.
Request Body - size: 0 bytes.
Response Header - size: 344 bytes.
Response Body - size: 1,936 bytes.
URL http://83.212.109.249:3000/ftp/quarantine
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 294 bytes.
Request Body - size: 0 bytes.
Response Header - size: 337 bytes.
Response Body - size: 9,592 bytes.
URL http://83.212.109.249:3000/ftp/quarantine/juicy_malware_linux_amd_64.url
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 441 bytes.
Response Body - size: 166 bytes.
URL http://83.212.109.249:3000/ftp/quarantine/juicy_malware_linux_arm_64.url
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 441 bytes.
Response Body - size: 166 bytes.
URL http://83.212.109.249:3000/ftp/quarantine/juicy_malware_macos_64.url
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 441 bytes.
Response Body - size: 162 bytes.
URL http://83.212.109.249:3000/ftp/quarantine/juicy_malware_windows_64.exe.url
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 338 bytes.
Request Body - size: 0 bytes.
Response Header - size: 441 bytes.
Response Body - size: 168 bytes.
URL http://83.212.109.249:3000/ftp/suspicious_errors.yml
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 305 bytes.
Request Body - size: 0 bytes.
Response Header - size: 344 bytes.
Response Body - size: 1,936 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 395 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 372 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/main.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/polyfills.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/runtime.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 377 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/styles.css
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 377 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/vendor.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 376 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/fileServer.js:39:13
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 343 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/fileServer.js:55:18
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 343 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/main.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/polyfills.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 356 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/runtime.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 354 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/styles.css
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 354 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/vendor.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 433 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 404 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/main.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 412 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 417 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/runtime.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 415 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/styles.css
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 415 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/vendor.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 414 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:280:10
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 349 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:286:9
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 357 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:328:13
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:365:14
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:376:14
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 349 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:421:3
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 357 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 356 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/main.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/polyfills.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/runtime.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 386 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/styles.css
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 386 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/vendor.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 385 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 419 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 392 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/main.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 398 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/polyfills.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 403 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/runtime.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 401 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/styles.css
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 401 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/vendor.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 400 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/index.js:145:39
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/main.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 371 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/polyfills.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 376 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/runtime.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/styles.css
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/vendor.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 373 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/main.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 283 bytes.
Request Body - size: 0 bytes.
Response Header - size: 483 bytes.
Response Body - size: 491,853 bytes.
URL http://83.212.109.249:3000/MaterialIcons-Regular.woff2
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 431 bytes.
Response Body - size: 60,840 bytes.
URL http://83.212.109.249:3000/polyfills.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 288 bytes.
Request Body - size: 0 bytes.
Response Header - size: 481 bytes.
Response Body - size: 54,523 bytes.
URL http://83.212.109.249:3000/rest/admin/application-configuration
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 382 bytes.
Request Body - size: 0 bytes.
Response Header - size: 306 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/rest/admin/application-version
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 323 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 20 bytes.
URL http://83.212.109.249:3000/rest/captcha/
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 357 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 48 bytes.
URL http://83.212.109.249:3000/rest/languages
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 388 bytes.
Response Body - size: 4,872 bytes.
URL http://83.212.109.249:3000/rest/products/search?q=
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 389 bytes.
Response Body - size: 12,880 bytes.
URL http://83.212.109.249:3000/rest/user/whoami
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 360 bytes.
Request Body - size: 0 bytes.
Response Header - size: 383 bytes.
Response Body - size: 11 bytes.
URL http://83.212.109.249:3000/robots.txt
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 249 bytes.
Request Body - size: 0 bytes.
Response Header - size: 378 bytes.
Response Body - size: 28 bytes.
URL http://83.212.109.249:3000/runtime.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 286 bytes.
Request Body - size: 0 bytes.
Response Header - size: 479 bytes.
Response Body - size: 3,297 bytes.
URL http://83.212.109.249:3000/sitemap.xml
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 250 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/styles.css
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 286 bytes.
Request Body - size: 0 bytes.
Response Header - size: 469 bytes.
Response Body - size: 629,661 bytes.
URL http://83.212.109.249:3000/vendor.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 285 bytes.
Request Body - size: 0 bytes.
Response Header - size: 485 bytes.
Response Body - size: 1,421,052 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 903 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 914 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Access-Control-Allow-Origin: *
Other Info The CORS misconfiguration on the web server permits cross-domain read requests from arbitrary third party domains, using unauthenticated APIs on this domain. Web browser implementations do not permit arbitrary third parties to read the response from authenticated APIs, however. This reduces the risk somewhat. This misconfiguration could be used by an attacker to access data that is available in an unauthenticated manner, but which uses some other form of security, such as IP address white-listing.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 918 bytes.
Response Body - size: 85,578 bytes.
Instances 100
Solution
Ensure that sensitive data is not available in an unauthenticated manner (using IP address white-listing, for instance).

Configure the "Access-Control-Allow-Origin" HTTP header to a more restrictive set of domains, or remove all CORS headers entirely, to allow the web browser to enforce the Same Origin Policy (SOP) in a more restrictive manner.
Reference https://vulncat.fortify.com/en/detail?id=desc.config.dotnet.html5_overly_permissive_cors_policy
Tags OWASP_2021_A01
OWASP_2017_A05
CWE Id 264
WASC Id 14
Plugin Id 10098
Medium
Missing Anti-clickjacking Header
Description
The response does not include either Content-Security-Policy with 'frame-ancestors' directive or X-Frame-Options to protect against 'ClickJacking' attacks.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jdMl&sid=dzh6GFQ-5Hjqn77bAAFi
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jdwE&sid=x-rMJgmhW5uFvkBqAAFk
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jeQH&sid=UgvLTA13bnTNStDxAAFm
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jesZ&sid=X_LjqKUekVZEUm6jAAFo
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfMQ&sid=YVmN6z5-i-cLlfb0AAFq
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfqr&sid=BwU6VebhjW2ZmTJLAAFs
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgbl&sid=C9pxj7667ak4ElDXAAFz
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgIp&sid=YQDCIc_vAs7s9UkwAAFu
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgLn&sid=jcmVO4dVXIT-3TOlAAFv
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgR5&sid=JEbLLwnIg3LjE956AAFw
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgvh&sid=Fz9xG4f304vfPIFdAAF2
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhM_&sid=ircBqSGfF6i1eh4LAAF5
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhN2&sid=oRSDOYS87TVsdpS5AAF4
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhre&sid=rQ8n9bKhVoMnZzVqAAF8
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhtz&sid=6md6cZPDbOTL8kA4AAF9
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiA-&sid=bzzlf42LCnuE8YRhAAGB
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiaT&sid=vr_XiVG0kWUfU3miAAGE
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiB4&sid=ICephQEqajXidCI9AAGA
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jibS&sid=LXi0b5zbD2uPF_1wAAGF
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jisi&sid=RQ3tx66nAHx-1T99AAGJ
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jitr&sid=m3ljiLDaQCNrusGbAAGK
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiuV&sid=iTq19Prhofu3WRc6AAGI
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jivg&sid=swS8xiEhDtG-gjf9AAGL
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jj7O&sid=9Rq6Ygc2rb9B-I57AAGQ
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjAO&sid=stFuRTmj5ftbqE5DAAGS
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjrM&sid=m5eLqvGaL5jlyfljAAGX
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjvj&sid=ESW87syAJz_HNbs4AAGY
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjWO&sid=UOvZYge4fZlvJrXlAAGT
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjXF&sid=pO5oXSpuBhvYLR5JAAGU
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkA3&sid=Q8zPnEbA7AqbE-AVAAGd
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkA6&sid=iyXeBUil7b3JLYcgAAGe
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkL1&sid=AUBufidV7Xu2iZQYAAGh
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkUx&sid=WJtHiW-DQZ1T3FzPAAGm
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkW4&sid=G6_arwirWv6zE3sVAAGj
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkWN&sid=dZrCgW1RREDXBmEcAAGl
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkx3&sid=oicUGLWQ8zqxLYu-AAGq
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkXg&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jl3E&sid=1rzP5Fw3pWWcNjyYAAGs
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jl8n&sid=tjMMZNG7r9vtvAiGAAGu
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlco&sid=_iMS3mwcdn5jXzvoAAGz
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 1 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlh6&sid=vD9Rp6fFpQO3CrNkAAG3
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlHX&sid=IVOPNp79ybKVX9w_AAGw
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlka&sid=smjCrULOSmnglxCZAAG5
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlq7&sid=1IPVMx647gC7hjOuAAG6
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlsE&sid=FyM8yP4UNTckYf2NAAG8
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlZK&sid=ldeeeo_dBj2F-1qzAAGy
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmDz&sid=6irGIzq91IslKF8kAAG_
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter x-frame-options
Attack
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
Instances 49
Solution
Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app.

If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy's "frame-ancestors" directive.
Reference https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
Tags OWASP_2021_A05
WSTG-v42-CLNT-09
OWASP_2017_A06
CWE Id 1021
WASC Id 15
Plugin Id 10020
Medium
Session ID in URL Rewrite
Description
URL rewrite is used to track user session ID. The session ID may be disclosed via cross-site referer header. In addition, the session ID might be stored in browser history or server logs.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jdMn&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter sid
Attack
Evidence dzh6GFQ-5Hjqn77bAAFi
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jdVb&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter sid
Attack
Evidence dzh6GFQ-5Hjqn77bAAFi
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jdwF&sid=x-rMJgmhW5uFvkBqAAFk
Method GET
Parameter sid
Attack
Evidence x-rMJgmhW5uFvkBqAAFk
Other Info
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9je1s&sid=x-rMJgmhW5uFvkBqAAFk
Method GET
Parameter sid
Attack
Evidence x-rMJgmhW5uFvkBqAAFk
Other Info
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jeQI&sid=UgvLTA13bnTNStDxAAFm
Method GET
Parameter sid
Attack
Evidence UgvLTA13bnTNStDxAAFm
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jesa&sid=X_LjqKUekVZEUm6jAAFo
Method GET
Parameter sid
Attack
Evidence X_LjqKUekVZEUm6jAAFo
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jewP&sid=X_LjqKUekVZEUm6jAAFo
Method GET
Parameter sid
Attack
Evidence X_LjqKUekVZEUm6jAAFo
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jeZy&sid=UgvLTA13bnTNStDxAAFm
Method GET
Parameter sid
Attack
Evidence UgvLTA13bnTNStDxAAFm
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfMS&sid=YVmN6z5-i-cLlfb0AAFq
Method GET
Parameter sid
Attack
Evidence YVmN6z5-i-cLlfb0AAFq
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfPC&sid=YVmN6z5-i-cLlfb0AAFq
Method GET
Parameter sid
Attack
Evidence YVmN6z5-i-cLlfb0AAFq
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfqs&sid=BwU6VebhjW2ZmTJLAAFs
Method GET
Parameter sid
Attack
Evidence BwU6VebhjW2ZmTJLAAFs
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfuS&sid=BwU6VebhjW2ZmTJLAAFs
Method GET
Parameter sid
Attack
Evidence BwU6VebhjW2ZmTJLAAFs
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jg_k&sid=Fz9xG4f304vfPIFdAAF2
Method GET
Parameter sid
Attack
Evidence Fz9xG4f304vfPIFdAAF2
Other Info
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgbn&sid=C9pxj7667ak4ElDXAAFz
Method GET
Parameter sid
Attack
Evidence C9pxj7667ak4ElDXAAFz
Other Info
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgfa&sid=C9pxj7667ak4ElDXAAFz
Method GET
Parameter sid
Attack
Evidence C9pxj7667ak4ElDXAAFz
Other Info
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jggL&sid=YQDCIc_vAs7s9UkwAAFu
Method GET
Parameter sid
Attack
Evidence YQDCIc_vAs7s9UkwAAFu
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgIr&sid=YQDCIc_vAs7s9UkwAAFu
Method GET
Parameter sid
Attack
Evidence YQDCIc_vAs7s9UkwAAFu
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgLo&sid=jcmVO4dVXIT-3TOlAAFv
Method GET
Parameter sid
Attack
Evidence jcmVO4dVXIT-3TOlAAFv
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgQT&sid=jcmVO4dVXIT-3TOlAAFv
Method GET
Parameter sid
Attack
Evidence jcmVO4dVXIT-3TOlAAFv
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgR7&sid=JEbLLwnIg3LjE956AAFw
Method GET
Parameter sid
Attack
Evidence JEbLLwnIg3LjE956AAFw
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgT2&sid=JEbLLwnIg3LjE956AAFw
Method GET
Parameter sid
Attack
Evidence JEbLLwnIg3LjE956AAFw
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgvj&sid=Fz9xG4f304vfPIFdAAF2
Method GET
Parameter sid
Attack
Evidence Fz9xG4f304vfPIFdAAF2
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgy6&sid=Fz9xG4f304vfPIFdAAF2
Method GET
Parameter sid
Attack
Evidence Fz9xG4f304vfPIFdAAF2
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhbK&sid=ircBqSGfF6i1eh4LAAF5
Method GET
Parameter sid
Attack
Evidence ircBqSGfF6i1eh4LAAF5
Other Info
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhN2&sid=ircBqSGfF6i1eh4LAAF5
Method GET
Parameter sid
Attack
Evidence ircBqSGfF6i1eh4LAAF5
Other Info
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhN4&sid=oRSDOYS87TVsdpS5AAF4
Method GET
Parameter sid
Attack
Evidence oRSDOYS87TVsdpS5AAF4
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhrg&sid=rQ8n9bKhVoMnZzVqAAF8
Method GET
Parameter sid
Attack
Evidence rQ8n9bKhVoMnZzVqAAF8
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhu0&sid=6md6cZPDbOTL8kA4AAF9
Method GET
Parameter sid
Attack
Evidence 6md6cZPDbOTL8kA4AAF9
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhub&sid=6md6cZPDbOTL8kA4AAF9
Method GET
Parameter sid
Attack
Evidence 6md6cZPDbOTL8kA4AAF9
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhuh&sid=rQ8n9bKhVoMnZzVqAAF8
Method GET
Parameter sid
Attack
Evidence rQ8n9bKhVoMnZzVqAAF8
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhY5&sid=oRSDOYS87TVsdpS5AAF4
Method GET
Parameter sid
Attack
Evidence oRSDOYS87TVsdpS5AAF4
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9ji_Z&sid=swS8xiEhDtG-gjf9AAGL
Method GET
Parameter sid
Attack
Evidence swS8xiEhDtG-gjf9AAGL
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiaX&sid=vr_XiVG0kWUfU3miAAGE
Method GET
Parameter sid
Attack
Evidence vr_XiVG0kWUfU3miAAGE
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiB0&sid=bzzlf42LCnuE8YRhAAGB
Method GET
Parameter sid
Attack
Evidence bzzlf42LCnuE8YRhAAGB
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiB7&sid=ICephQEqajXidCI9AAGA
Method GET
Parameter sid
Attack
Evidence ICephQEqajXidCI9AAGA
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jibV&sid=LXi0b5zbD2uPF_1wAAGF
Method GET
Parameter sid
Attack
Evidence LXi0b5zbD2uPF_1wAAGF
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiiB&sid=vr_XiVG0kWUfU3miAAGE
Method GET
Parameter sid
Attack
Evidence vr_XiVG0kWUfU3miAAGE
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiKb&sid=ICephQEqajXidCI9AAGA
Method GET
Parameter sid
Attack
Evidence ICephQEqajXidCI9AAGA
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiKk&sid=bzzlf42LCnuE8YRhAAGB
Method GET
Parameter sid
Attack
Evidence bzzlf42LCnuE8YRhAAGB
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jikQ&sid=LXi0b5zbD2uPF_1wAAGF
Method GET
Parameter sid
Attack
Evidence LXi0b5zbD2uPF_1wAAGF
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jisj&sid=RQ3tx66nAHx-1T99AAGJ
Method GET
Parameter sid
Attack
Evidence RQ3tx66nAHx-1T99AAGJ
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jitu&sid=m3ljiLDaQCNrusGbAAGK
Method GET
Parameter sid
Attack
Evidence m3ljiLDaQCNrusGbAAGK
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiuX&sid=iTq19Prhofu3WRc6AAGI
Method GET
Parameter sid
Attack
Evidence iTq19Prhofu3WRc6AAGI
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jivh&sid=swS8xiEhDtG-gjf9AAGL
Method GET
Parameter sid
Attack
Evidence swS8xiEhDtG-gjf9AAGL
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jj-N&sid=stFuRTmj5ftbqE5DAAGS
Method GET
Parameter sid
Attack
Evidence stFuRTmj5ftbqE5DAAGS
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jj7Q&sid=9Rq6Ygc2rb9B-I57AAGQ
Method GET
Parameter sid
Attack
Evidence 9Rq6Ygc2rb9B-I57AAGQ
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jj9d&sid=9Rq6Ygc2rb9B-I57AAGQ
Method GET
Parameter sid
Attack
Evidence 9Rq6Ygc2rb9B-I57AAGQ
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjAQ&sid=stFuRTmj5ftbqE5DAAGS
Method GET
Parameter sid
Attack
Evidence stFuRTmj5ftbqE5DAAGS
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjf7&sid=pO5oXSpuBhvYLR5JAAGU
Method GET
Parameter sid
Attack
Evidence pO5oXSpuBhvYLR5JAAGU
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjrP&sid=m5eLqvGaL5jlyfljAAGX
Method GET
Parameter sid
Attack
Evidence m5eLqvGaL5jlyfljAAGX
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjtc&sid=m5eLqvGaL5jlyfljAAGX
Method GET
Parameter sid
Attack
Evidence m5eLqvGaL5jlyfljAAGX
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjvn&sid=ESW87syAJz_HNbs4AAGY
Method GET
Parameter sid
Attack
Evidence ESW87syAJz_HNbs4AAGY
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjWP&sid=UOvZYge4fZlvJrXlAAGT
Method GET
Parameter sid
Attack
Evidence UOvZYge4fZlvJrXlAAGT
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjXH&sid=pO5oXSpuBhvYLR5JAAGU
Method GET
Parameter sid
Attack
Evidence pO5oXSpuBhvYLR5JAAGU
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjzw&sid=ESW87syAJz_HNbs4AAGY
Method GET
Parameter sid
Attack
Evidence ESW87syAJz_HNbs4AAGY
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jk-P&sid=oicUGLWQ8zqxLYu-AAGq
Method GET
Parameter sid
Attack
Evidence oicUGLWQ8zqxLYu-AAGq
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkA6&sid=Q8zPnEbA7AqbE-AVAAGd
Method GET
Parameter sid
Attack
Evidence Q8zPnEbA7AqbE-AVAAGd
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkAG&sid=iyXeBUil7b3JLYcgAAGe
Method GET
Parameter sid
Attack
Evidence iyXeBUil7b3JLYcgAAGe
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkc5&sid=WJtHiW-DQZ1T3FzPAAGm
Method GET
Parameter sid
Attack
Evidence WJtHiW-DQZ1T3FzPAAGm
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkcQ&sid=G6_arwirWv6zE3sVAAGj
Method GET
Parameter sid
Attack
Evidence G6_arwirWv6zE3sVAAGj
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkdp&sid=XDs4qc8WdSz1SZaYAAGk
Method GET
Parameter sid
Attack
Evidence XDs4qc8WdSz1SZaYAAGk
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkDz&sid=Q8zPnEbA7AqbE-AVAAGd
Method GET
Parameter sid
Attack
Evidence Q8zPnEbA7AqbE-AVAAGd
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkEH&sid=iyXeBUil7b3JLYcgAAGe
Method GET
Parameter sid
Attack
Evidence iyXeBUil7b3JLYcgAAGe
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkL2&sid=AUBufidV7Xu2iZQYAAGh
Method GET
Parameter sid
Attack
Evidence AUBufidV7Xu2iZQYAAGh
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkLy&sid=AUBufidV7Xu2iZQYAAGh
Method GET
Parameter sid
Attack
Evidence AUBufidV7Xu2iZQYAAGh
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkV0&sid=WJtHiW-DQZ1T3FzPAAGm
Method GET
Parameter sid
Attack
Evidence WJtHiW-DQZ1T3FzPAAGm
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkW6&sid=G6_arwirWv6zE3sVAAGj
Method GET
Parameter sid
Attack
Evidence G6_arwirWv6zE3sVAAGj
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkWP&sid=dZrCgW1RREDXBmEcAAGl
Method GET
Parameter sid
Attack
Evidence dZrCgW1RREDXBmEcAAGl
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkx6&sid=oicUGLWQ8zqxLYu-AAGq
Method GET
Parameter sid
Attack
Evidence oicUGLWQ8zqxLYu-AAGq
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkXk&sid=XDs4qc8WdSz1SZaYAAGk
Method GET
Parameter sid
Attack
Evidence XDs4qc8WdSz1SZaYAAGk
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jl3F&sid=1rzP5Fw3pWWcNjyYAAGs
Method GET
Parameter sid
Attack
Evidence 1rzP5Fw3pWWcNjyYAAGs
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jl8f&sid=1rzP5Fw3pWWcNjyYAAGs
Method GET
Parameter sid
Attack
Evidence 1rzP5Fw3pWWcNjyYAAGs
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jl8p&sid=tjMMZNG7r9vtvAiGAAGu
Method GET
Parameter sid
Attack
Evidence tjMMZNG7r9vtvAiGAAGu
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlBO&sid=tjMMZNG7r9vtvAiGAAGu
Method GET
Parameter sid
Attack
Evidence tjMMZNG7r9vtvAiGAAGu
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlcq&sid=_iMS3mwcdn5jXzvoAAGz
Method GET
Parameter sid
Attack
Evidence _iMS3mwcdn5jXzvoAAGz
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlfp&sid=_iMS3mwcdn5jXzvoAAGz
Method GET
Parameter sid
Attack
Evidence _iMS3mwcdn5jXzvoAAGz
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlfv&sid=dZrCgW1RREDXBmEcAAGl
Method GET
Parameter sid
Attack
Evidence dZrCgW1RREDXBmEcAAGl
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlh8&sid=vD9Rp6fFpQO3CrNkAAG3
Method GET
Parameter sid
Attack
Evidence vD9Rp6fFpQO3CrNkAAG3
Other Info
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlHY&sid=IVOPNp79ybKVX9w_AAGw
Method GET
Parameter sid
Attack
Evidence IVOPNp79ybKVX9w_AAGw
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jliN&sid=vD9Rp6fFpQO3CrNkAAG3
Method GET
Parameter sid
Attack
Evidence vD9Rp6fFpQO3CrNkAAG3
Other Info
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlkc&sid=smjCrULOSmnglxCZAAG5
Method GET
Parameter sid
Attack
Evidence smjCrULOSmnglxCZAAG5
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jllt&sid=smjCrULOSmnglxCZAAG5
Method GET
Parameter sid
Attack
Evidence smjCrULOSmnglxCZAAG5
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlqS&sid=1IPVMx647gC7hjOuAAG6
Method GET
Parameter sid
Attack
Evidence 1IPVMx647gC7hjOuAAG6
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlsG&sid=FyM8yP4UNTckYf2NAAG8
Method GET
Parameter sid
Attack
Evidence FyM8yP4UNTckYf2NAAG8
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlSq&sid=IVOPNp79ybKVX9w_AAGw
Method GET
Parameter sid
Attack
Evidence IVOPNp79ybKVX9w_AAGw
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlv0&sid=1IPVMx647gC7hjOuAAG6
Method GET
Parameter sid
Attack
Evidence 1IPVMx647gC7hjOuAAG6
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlv1&sid=FyM8yP4UNTckYf2NAAG8
Method GET
Parameter sid
Attack
Evidence FyM8yP4UNTckYf2NAAG8
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlZL&sid=ldeeeo_dBj2F-1qzAAGy
Method GET
Parameter sid
Attack
Evidence ldeeeo_dBj2F-1qzAAGy
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jm6n&sid=ldeeeo_dBj2F-1qzAAGy
Method GET
Parameter sid
Attack
Evidence ldeeeo_dBj2F-1qzAAGy
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmD_&sid=6irGIzq91IslKF8kAAG_
Method GET
Parameter sid
Attack
Evidence 6irGIzq91IslKF8kAAG_
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIn&sid=6irGIzq91IslKF8kAAG_
Method GET
Parameter sid
Attack
Evidence 6irGIzq91IslKF8kAAG_
Other Info
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIZ&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter sid
Attack
Evidence 0PnxBar0DV0ylvgqAAHA
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmOH&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter sid
Attack
Evidence 0PnxBar0DV0ylvgqAAHA
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter sid
Attack
Evidence 0PnxBar0DV0ylvgqAAHA
Other Info
Request Header - size: 466 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=1IPVMx647gC7hjOuAAG6
Method GET
Parameter sid
Attack
Evidence 1IPVMx647gC7hjOuAAG6
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=1rzP5Fw3pWWcNjyYAAGs
Method GET
Parameter sid
Attack
Evidence 1rzP5Fw3pWWcNjyYAAGs
Other Info
Request Header - size: 547 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=6irGIzq91IslKF8kAAG_
Method GET
Parameter sid
Attack
Evidence 6irGIzq91IslKF8kAAG_
Other Info
Request Header - size: 547 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=6md6cZPDbOTL8kA4AAF9
Method GET
Parameter sid
Attack
Evidence 6md6cZPDbOTL8kA4AAF9
Other Info
Request Header - size: 547 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=9Rq6Ygc2rb9B-I57AAGQ
Method GET
Parameter sid
Attack
Evidence 9Rq6Ygc2rb9B-I57AAGQ
Other Info
Request Header - size: 466 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=_iMS3mwcdn5jXzvoAAGz
Method GET
Parameter sid
Attack
Evidence _iMS3mwcdn5jXzvoAAGz
Other Info
Request Header - size: 547 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=AUBufidV7Xu2iZQYAAGh
Method GET
Parameter sid
Attack
Evidence AUBufidV7Xu2iZQYAAGh
Other Info
Request Header - size: 547 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=BwU6VebhjW2ZmTJLAAFs
Method GET
Parameter sid
Attack
Evidence BwU6VebhjW2ZmTJLAAFs
Other Info
Request Header - size: 466 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=bzzlf42LCnuE8YRhAAGB
Method GET
Parameter sid
Attack
Evidence bzzlf42LCnuE8YRhAAGB
Other Info
Request Header - size: 466 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=C9pxj7667ak4ElDXAAFz
Method GET
Parameter sid
Attack
Evidence C9pxj7667ak4ElDXAAFz
Other Info
Request Header - size: 487 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter sid
Attack
Evidence dzh6GFQ-5Hjqn77bAAFi
Other Info
Request Header - size: 466 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=dZrCgW1RREDXBmEcAAGl
Method GET
Parameter sid
Attack
Evidence dZrCgW1RREDXBmEcAAGl
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=ESW87syAJz_HNbs4AAGY
Method GET
Parameter sid
Attack
Evidence ESW87syAJz_HNbs4AAGY
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=FyM8yP4UNTckYf2NAAG8
Method GET
Parameter sid
Attack
Evidence FyM8yP4UNTckYf2NAAG8
Other Info
Request Header - size: 547 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=Fz9xG4f304vfPIFdAAF2
Method GET
Parameter sid
Attack
Evidence Fz9xG4f304vfPIFdAAF2
Other Info
Request Header - size: 466 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=G6_arwirWv6zE3sVAAGj
Method GET
Parameter sid
Attack
Evidence G6_arwirWv6zE3sVAAGj
Other Info
Request Header - size: 547 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=ICephQEqajXidCI9AAGA
Method GET
Parameter sid
Attack
Evidence ICephQEqajXidCI9AAGA
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=ircBqSGfF6i1eh4LAAF5
Method GET
Parameter sid
Attack
Evidence ircBqSGfF6i1eh4LAAF5
Other Info
Request Header - size: 487 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=iTq19Prhofu3WRc6AAGI
Method GET
Parameter sid
Attack
Evidence iTq19Prhofu3WRc6AAGI
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=IVOPNp79ybKVX9w_AAGw
Method GET
Parameter sid
Attack
Evidence IVOPNp79ybKVX9w_AAGw
Other Info
Request Header - size: 466 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=iyXeBUil7b3JLYcgAAGe
Method GET
Parameter sid
Attack
Evidence iyXeBUil7b3JLYcgAAGe
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=jcmVO4dVXIT-3TOlAAFv
Method GET
Parameter sid
Attack
Evidence jcmVO4dVXIT-3TOlAAFv
Other Info
Request Header - size: 466 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=JEbLLwnIg3LjE956AAFw
Method GET
Parameter sid
Attack
Evidence JEbLLwnIg3LjE956AAFw
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=ldeeeo_dBj2F-1qzAAGy
Method GET
Parameter sid
Attack
Evidence ldeeeo_dBj2F-1qzAAGy
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=LXi0b5zbD2uPF_1wAAGF
Method GET
Parameter sid
Attack
Evidence LXi0b5zbD2uPF_1wAAGF
Other Info
Request Header - size: 547 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=m3ljiLDaQCNrusGbAAGK
Method GET
Parameter sid
Attack
Evidence m3ljiLDaQCNrusGbAAGK
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=m5eLqvGaL5jlyfljAAGX
Method GET
Parameter sid
Attack
Evidence m5eLqvGaL5jlyfljAAGX
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=oicUGLWQ8zqxLYu-AAGq
Method GET
Parameter sid
Attack
Evidence oicUGLWQ8zqxLYu-AAGq
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=oRSDOYS87TVsdpS5AAF4
Method GET
Parameter sid
Attack
Evidence oRSDOYS87TVsdpS5AAF4
Other Info
Request Header - size: 547 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=pO5oXSpuBhvYLR5JAAGU
Method GET
Parameter sid
Attack
Evidence pO5oXSpuBhvYLR5JAAGU
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=Q8zPnEbA7AqbE-AVAAGd
Method GET
Parameter sid
Attack
Evidence Q8zPnEbA7AqbE-AVAAGd
Other Info
Request Header - size: 547 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=RQ3tx66nAHx-1T99AAGJ
Method GET
Parameter sid
Attack
Evidence RQ3tx66nAHx-1T99AAGJ
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=rQ8n9bKhVoMnZzVqAAF8
Method GET
Parameter sid
Attack
Evidence rQ8n9bKhVoMnZzVqAAF8
Other Info
Request Header - size: 466 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=smjCrULOSmnglxCZAAG5
Method GET
Parameter sid
Attack
Evidence smjCrULOSmnglxCZAAG5
Other Info
Request Header - size: 547 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=stFuRTmj5ftbqE5DAAGS
Method GET
Parameter sid
Attack
Evidence stFuRTmj5ftbqE5DAAGS
Other Info
Request Header - size: 547 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=swS8xiEhDtG-gjf9AAGL
Method GET
Parameter sid
Attack
Evidence swS8xiEhDtG-gjf9AAGL
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=tjMMZNG7r9vtvAiGAAGu
Method GET
Parameter sid
Attack
Evidence tjMMZNG7r9vtvAiGAAGu
Other Info
Request Header - size: 466 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=UgvLTA13bnTNStDxAAFm
Method GET
Parameter sid
Attack
Evidence UgvLTA13bnTNStDxAAFm
Other Info
Request Header - size: 466 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=UOvZYge4fZlvJrXlAAGT
Method GET
Parameter sid
Attack
Evidence UOvZYge4fZlvJrXlAAGT
Other Info
Request Header - size: 547 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=vD9Rp6fFpQO3CrNkAAG3
Method GET
Parameter sid
Attack
Evidence vD9Rp6fFpQO3CrNkAAG3
Other Info
Request Header - size: 487 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=vr_XiVG0kWUfU3miAAGE
Method GET
Parameter sid
Attack
Evidence vr_XiVG0kWUfU3miAAGE
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=WJtHiW-DQZ1T3FzPAAGm
Method GET
Parameter sid
Attack
Evidence WJtHiW-DQZ1T3FzPAAGm
Other Info
Request Header - size: 466 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=x-rMJgmhW5uFvkBqAAFk
Method GET
Parameter sid
Attack
Evidence x-rMJgmhW5uFvkBqAAFk
Other Info
Request Header - size: 487 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=X_LjqKUekVZEUm6jAAFo
Method GET
Parameter sid
Attack
Evidence X_LjqKUekVZEUm6jAAFo
Other Info
Request Header - size: 466 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=XDs4qc8WdSz1SZaYAAGk
Method GET
Parameter sid
Attack
Evidence XDs4qc8WdSz1SZaYAAGk
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 92 bytes.
Response Body - size: 18 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=YQDCIc_vAs7s9UkwAAFu
Method GET
Parameter sid
Attack
Evidence YQDCIc_vAs7s9UkwAAFu
Other Info
Request Header - size: 517 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=YVmN6z5-i-cLlfb0AAFq
Method GET
Parameter sid
Attack
Evidence YVmN6z5-i-cLlfb0AAFq
Other Info
Request Header - size: 466 bytes.
Request Body - size: 0 bytes.
Response Header - size: 129 bytes.
Response Body - size: 0 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jdMl&sid=dzh6GFQ-5Hjqn77bAAFi
Method POST
Parameter sid
Attack
Evidence dzh6GFQ-5Hjqn77bAAFi
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jdwE&sid=x-rMJgmhW5uFvkBqAAFk
Method POST
Parameter sid
Attack
Evidence x-rMJgmhW5uFvkBqAAFk
Other Info
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jeQH&sid=UgvLTA13bnTNStDxAAFm
Method POST
Parameter sid
Attack
Evidence UgvLTA13bnTNStDxAAFm
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jesZ&sid=X_LjqKUekVZEUm6jAAFo
Method POST
Parameter sid
Attack
Evidence X_LjqKUekVZEUm6jAAFo
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfMQ&sid=YVmN6z5-i-cLlfb0AAFq
Method POST
Parameter sid
Attack
Evidence YVmN6z5-i-cLlfb0AAFq
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfqr&sid=BwU6VebhjW2ZmTJLAAFs
Method POST
Parameter sid
Attack
Evidence BwU6VebhjW2ZmTJLAAFs
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgbl&sid=C9pxj7667ak4ElDXAAFz
Method POST
Parameter sid
Attack
Evidence C9pxj7667ak4ElDXAAFz
Other Info
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgIp&sid=YQDCIc_vAs7s9UkwAAFu
Method POST
Parameter sid
Attack
Evidence YQDCIc_vAs7s9UkwAAFu
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgLn&sid=jcmVO4dVXIT-3TOlAAFv
Method POST
Parameter sid
Attack
Evidence jcmVO4dVXIT-3TOlAAFv
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgR5&sid=JEbLLwnIg3LjE956AAFw
Method POST
Parameter sid
Attack
Evidence JEbLLwnIg3LjE956AAFw
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgvh&sid=Fz9xG4f304vfPIFdAAF2
Method POST
Parameter sid
Attack
Evidence Fz9xG4f304vfPIFdAAF2
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhM_&sid=ircBqSGfF6i1eh4LAAF5
Method POST
Parameter sid
Attack
Evidence ircBqSGfF6i1eh4LAAF5
Other Info
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhN2&sid=oRSDOYS87TVsdpS5AAF4
Method POST
Parameter sid
Attack
Evidence oRSDOYS87TVsdpS5AAF4
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhre&sid=rQ8n9bKhVoMnZzVqAAF8
Method POST
Parameter sid
Attack
Evidence rQ8n9bKhVoMnZzVqAAF8
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhtz&sid=6md6cZPDbOTL8kA4AAF9
Method POST
Parameter sid
Attack
Evidence 6md6cZPDbOTL8kA4AAF9
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiA-&sid=bzzlf42LCnuE8YRhAAGB
Method POST
Parameter sid
Attack
Evidence bzzlf42LCnuE8YRhAAGB
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiaT&sid=vr_XiVG0kWUfU3miAAGE
Method POST
Parameter sid
Attack
Evidence vr_XiVG0kWUfU3miAAGE
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiB4&sid=ICephQEqajXidCI9AAGA
Method POST
Parameter sid
Attack
Evidence ICephQEqajXidCI9AAGA
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jibS&sid=LXi0b5zbD2uPF_1wAAGF
Method POST
Parameter sid
Attack
Evidence LXi0b5zbD2uPF_1wAAGF
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jisi&sid=RQ3tx66nAHx-1T99AAGJ
Method POST
Parameter sid
Attack
Evidence RQ3tx66nAHx-1T99AAGJ
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jitr&sid=m3ljiLDaQCNrusGbAAGK
Method POST
Parameter sid
Attack
Evidence m3ljiLDaQCNrusGbAAGK
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiuV&sid=iTq19Prhofu3WRc6AAGI
Method POST
Parameter sid
Attack
Evidence iTq19Prhofu3WRc6AAGI
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jivg&sid=swS8xiEhDtG-gjf9AAGL
Method POST
Parameter sid
Attack
Evidence swS8xiEhDtG-gjf9AAGL
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jj7O&sid=9Rq6Ygc2rb9B-I57AAGQ
Method POST
Parameter sid
Attack
Evidence 9Rq6Ygc2rb9B-I57AAGQ
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjAO&sid=stFuRTmj5ftbqE5DAAGS
Method POST
Parameter sid
Attack
Evidence stFuRTmj5ftbqE5DAAGS
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjrM&sid=m5eLqvGaL5jlyfljAAGX
Method POST
Parameter sid
Attack
Evidence m5eLqvGaL5jlyfljAAGX
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjvj&sid=ESW87syAJz_HNbs4AAGY
Method POST
Parameter sid
Attack
Evidence ESW87syAJz_HNbs4AAGY
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjWO&sid=UOvZYge4fZlvJrXlAAGT
Method POST
Parameter sid
Attack
Evidence UOvZYge4fZlvJrXlAAGT
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjXF&sid=pO5oXSpuBhvYLR5JAAGU
Method POST
Parameter sid
Attack
Evidence pO5oXSpuBhvYLR5JAAGU
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkA3&sid=Q8zPnEbA7AqbE-AVAAGd
Method POST
Parameter sid
Attack
Evidence Q8zPnEbA7AqbE-AVAAGd
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkA6&sid=iyXeBUil7b3JLYcgAAGe
Method POST
Parameter sid
Attack
Evidence iyXeBUil7b3JLYcgAAGe
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkL1&sid=AUBufidV7Xu2iZQYAAGh
Method POST
Parameter sid
Attack
Evidence AUBufidV7Xu2iZQYAAGh
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkUx&sid=WJtHiW-DQZ1T3FzPAAGm
Method POST
Parameter sid
Attack
Evidence WJtHiW-DQZ1T3FzPAAGm
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkW4&sid=G6_arwirWv6zE3sVAAGj
Method POST
Parameter sid
Attack
Evidence G6_arwirWv6zE3sVAAGj
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkWN&sid=dZrCgW1RREDXBmEcAAGl
Method POST
Parameter sid
Attack
Evidence dZrCgW1RREDXBmEcAAGl
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkx3&sid=oicUGLWQ8zqxLYu-AAGq
Method POST
Parameter sid
Attack
Evidence oicUGLWQ8zqxLYu-AAGq
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkXg&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter sid
Attack
Evidence XDs4qc8WdSz1SZaYAAGk
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jl3E&sid=1rzP5Fw3pWWcNjyYAAGs
Method POST
Parameter sid
Attack
Evidence 1rzP5Fw3pWWcNjyYAAGs
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jl8n&sid=tjMMZNG7r9vtvAiGAAGu
Method POST
Parameter sid
Attack
Evidence tjMMZNG7r9vtvAiGAAGu
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlco&sid=_iMS3mwcdn5jXzvoAAGz
Method POST
Parameter sid
Attack
Evidence _iMS3mwcdn5jXzvoAAGz
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter sid
Attack
Evidence XDs4qc8WdSz1SZaYAAGk
Other Info
Request Header - size: 479 bytes.
Request Body - size: 1 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlh6&sid=vD9Rp6fFpQO3CrNkAAG3
Method POST
Parameter sid
Attack
Evidence vD9Rp6fFpQO3CrNkAAG3
Other Info
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlHX&sid=IVOPNp79ybKVX9w_AAGw
Method POST
Parameter sid
Attack
Evidence IVOPNp79ybKVX9w_AAGw
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlka&sid=smjCrULOSmnglxCZAAG5
Method POST
Parameter sid
Attack
Evidence smjCrULOSmnglxCZAAG5
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlq7&sid=1IPVMx647gC7hjOuAAG6
Method POST
Parameter sid
Attack
Evidence 1IPVMx647gC7hjOuAAG6
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlsE&sid=FyM8yP4UNTckYf2NAAG8
Method POST
Parameter sid
Attack
Evidence FyM8yP4UNTckYf2NAAG8
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlZK&sid=ldeeeo_dBj2F-1qzAAGy
Method POST
Parameter sid
Attack
Evidence ldeeeo_dBj2F-1qzAAGy
Other Info
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmDz&sid=6irGIzq91IslKF8kAAG_
Method POST
Parameter sid
Attack
Evidence 6irGIzq91IslKF8kAAG_
Other Info
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter sid
Attack
Evidence 0PnxBar0DV0ylvgqAAHA
Other Info
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
Instances 190
Solution
For secure content, put session ID in a cookie. To be even more secure consider using a combination of cookie and URL rewrite.
Reference http://seclists.org/lists/webappsec/2002/Oct-Dec/0111.html
Tags OWASP_2021_A01
WSTG-v42-SESS-04
OWASP_2017_A03
CWE Id 200
WASC Id 13
Plugin Id 3
Medium
Vulnerable JS Library
Description
The identified library jquery, version 2.2.4 is vulnerable.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence /2.2.4/jquery.min.js
Other Info CVE-2020-11023 CVE-2020-11022 CVE-2015-9251 CVE-2019-11358 CVE-2020-23064
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 918 bytes.
Response Body - size: 85,578 bytes.
Instances 1
Solution
Please upgrade to the latest version of jquery.
Reference https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
http://research.insecurelabs.org/jquery/test/
https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
https://nvd.nist.gov/vuln/detail/CVE-2019-11358
https://nvd.nist.gov/vuln/detail/CVE-2015-9251
https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b
https://bugs.jquery.com/ticket/11974
https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
https://github.com/jquery/jquery.com/issues/162
Tags CVE-2020-11023
OWASP_2017_A09
CVE-2020-11022
OWASP_2021_A06
CVE-2015-9251
CVE-2019-11358
CVE-2020-23064
CWE Id 829
WASC Id
Plugin Id 10003
Low
Cross-Domain JavaScript Source File Inclusion
Description
The page includes one or more script files from a third-party domain.
URL http://83.212.109.249:3000
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 238 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 238 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 280 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 280 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 395 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 395 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/favicon_js.ico
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 372 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/favicon_js.ico
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 372 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/main.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/main.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/polyfills.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/polyfills.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/runtime.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 377 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/runtime.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 377 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/styles.css
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 377 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/styles.css
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 377 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/vendor.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 376 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/vendor.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 376 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/fileServer.js:39:13
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 343 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/fileServer.js:39:13
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 343 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/fileServer.js:55:18
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 343 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/fileServer.js:55:18
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 343 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/main.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/main.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/polyfills.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 356 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/polyfills.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 356 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/runtime.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 354 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/runtime.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 354 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/styles.css
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 354 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/styles.css
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 354 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/vendor.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/vendor.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 433 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 433 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 404 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 404 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/main.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 412 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/main.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 412 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 417 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 417 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/runtime.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 415 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/runtime.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 415 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/styles.css
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 415 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/styles.css
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 415 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/vendor.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 414 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/vendor.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 414 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:280:10
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 349 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:280:10
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 349 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:286:9
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 357 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:286:9
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 357 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:328:13
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:328:13
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:365:14
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:365:14
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:376:14
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 349 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:376:14
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 349 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:421:3
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 357 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:421:3
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 357 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 356 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 356 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/main.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/main.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/polyfills.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/polyfills.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/runtime.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 386 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/runtime.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 386 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/styles.css
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 386 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/styles.css
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 386 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/vendor.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 385 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/vendor.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 385 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 419 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 419 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 392 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 392 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/main.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 398 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/main.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 398 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/polyfills.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 403 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/polyfills.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 403 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/runtime.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 401 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/runtime.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 401 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/styles.css
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 401 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/styles.css
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 401 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/vendor.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 400 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/vendor.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 400 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/index.js:145:39
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/index.js:145:39
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/main.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 371 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/main.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 371 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/polyfills.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 376 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/polyfills.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 376 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/runtime.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/runtime.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/styles.css
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/styles.css
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/vendor.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 373 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/vendor.js
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 373 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/sitemap.xml
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info
Request Header - size: 250 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/sitemap.xml
Method GET
Parameter //cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js"></script>
Other Info
Request Header - size: 250 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
Instances 98
Solution
Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.
Reference
Tags OWASP_2021_A08
CWE Id 829
WASC Id 15
Plugin Id 10017
Low
Private IP Disclosure
Description
A private IP (such as 10.x.x.x, 172.x.x.x, 192.168.x.x) or an Amazon EC2 private hostname (for example, ip-10-0-56-78) has been found in the HTTP response body. This information might be helpful for further attacks targeting internal systems.
URL http://83.212.109.249:3000/rest/admin/application-configuration
Method GET
Parameter
Attack
Evidence 192.168.99.100:3000
Other Info 192.168.99.100:3000 192.168.99.100:4200
Request Header - size: 329 bytes.
Request Body - size: 0 bytes.
Response Header - size: 389 bytes.
Response Body - size: 18,835 bytes.
Instances 1
Solution
Remove the private IP address from the HTTP response body. For comments, use JSP/ASP/PHP comment instead of HTML/JavaScript comment which can be seen by client browsers.
Reference https://tools.ietf.org/html/rfc1918
Tags OWASP_2021_A01
OWASP_2017_A03
CWE Id 200
WASC Id 13
Plugin Id 2
Low
Timestamp Disclosure - Unix
Description
A timestamp was disclosed by the application/web server - Unix
URL http://83.212.109.249:3000/main.js
Method GET
Parameter
Attack
Evidence 1734944650
Other Info 1734944650, which evaluates to: 2024-12-23 11:04:10
Request Header - size: 283 bytes.
Request Body - size: 0 bytes.
Response Header - size: 483 bytes.
Response Body - size: 491,853 bytes.
URL http://83.212.109.249:3000/rest/admin/application-configuration
Method GET
Parameter
Attack
Evidence 1969196030
Other Info 1969196030, which evaluates to: 2032-05-26 17:53:50
Request Header - size: 329 bytes.
Request Body - size: 0 bytes.
Response Header - size: 389 bytes.
Response Body - size: 18,835 bytes.
URL http://83.212.109.249:3000/rest/admin/application-configuration
Method GET
Parameter
Attack
Evidence 1970691216
Other Info 1970691216, which evaluates to: 2032-06-13 01:13:36
Request Header - size: 329 bytes.
Request Body - size: 0 bytes.
Response Header - size: 389 bytes.
Response Body - size: 18,835 bytes.
URL http://83.212.109.249:3000/rest/products/search?q=
Method GET
Parameter
Attack
Evidence 1969196030
Other Info 1969196030, which evaluates to: 2032-05-26 17:53:50
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 389 bytes.
Response Body - size: 12,880 bytes.
URL http://83.212.109.249:3000/rest/products/search?q=
Method GET
Parameter
Attack
Evidence 1970691216
Other Info 1970691216, which evaluates to: 2032-06-13 01:13:36
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 389 bytes.
Response Body - size: 12,880 bytes.
Instances 5
Solution
Manually confirm that the timestamp data is not sensitive, and that the data cannot be aggregated to disclose exploitable patterns.
Reference http://projects.webappsec.org/w/page/13246936/Information%20Leakage
Tags OWASP_2021_A01
OWASP_2017_A03
CWE Id 200
WASC Id 13
Plugin Id 10096
Low
X-Content-Type-Options Header Missing
Description
The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jdJp
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jdMn&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jdtT
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 328 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jdVb&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jdwF&sid=x-rMJgmhW5uFvkBqAAFk
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9je1s&sid=x-rMJgmhW5uFvkBqAAFk
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jeNP
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jeph
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jeQI&sid=UgvLTA13bnTNStDxAAFm
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jesa&sid=X_LjqKUekVZEUm6jAAFo
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jewP&sid=X_LjqKUekVZEUm6jAAFo
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jeZy&sid=UgvLTA13bnTNStDxAAFm
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfG0
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfmc
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfMS&sid=YVmN6z5-i-cLlfb0AAFq
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfPC&sid=YVmN6z5-i-cLlfb0AAFq
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfqs&sid=BwU6VebhjW2ZmTJLAAFs
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfuS&sid=BwU6VebhjW2ZmTJLAAFs
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jg_k&sid=Fz9xG4f304vfPIFdAAF2
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgbn&sid=C9pxj7667ak4ElDXAAFz
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgfa&sid=C9pxj7667ak4ElDXAAFz
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgFV
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jggL&sid=YQDCIc_vAs7s9UkwAAFu
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgGt
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgGy
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgIr&sid=YQDCIc_vAs7s9UkwAAFu
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgLo&sid=jcmVO4dVXIT-3TOlAAFv
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgqs
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgQT&sid=jcmVO4dVXIT-3TOlAAFv
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgR7&sid=JEbLLwnIg3LjE956AAFw
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgT2&sid=JEbLLwnIg3LjE956AAFw
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgvj&sid=Fz9xG4f304vfPIFdAAF2
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgy6&sid=Fz9xG4f304vfPIFdAAF2
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgYj
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 328 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhbK&sid=ircBqSGfF6i1eh4LAAF5
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhE0
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhJQ
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 328 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhl3
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhmW
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhN2&sid=ircBqSGfF6i1eh4LAAF5
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhN4&sid=oRSDOYS87TVsdpS5AAF4
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhrg&sid=rQ8n9bKhVoMnZzVqAAF8
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhu0&sid=6md6cZPDbOTL8kA4AAF9
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhub&sid=6md6cZPDbOTL8kA4AAF9
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhuh&sid=rQ8n9bKhVoMnZzVqAAF8
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhY5&sid=oRSDOYS87TVsdpS5AAF4
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9ji1g
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9ji47
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9ji_Z&sid=swS8xiEhDtG-gjf9AAGL
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiaX&sid=vr_XiVG0kWUfU3miAAGE
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiB0&sid=bzzlf42LCnuE8YRhAAGB
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiB7&sid=ICephQEqajXidCI9AAGA
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jibV&sid=LXi0b5zbD2uPF_1wAAGF
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiiB&sid=vr_XiVG0kWUfU3miAAGE
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiKb&sid=ICephQEqajXidCI9AAGA
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiKk&sid=bzzlf42LCnuE8YRhAAGB
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jikQ&sid=LXi0b5zbD2uPF_1wAAGF
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jioh
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiom
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jip2
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiQT
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiqW
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiRx
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jisj&sid=RQ3tx66nAHx-1T99AAGJ
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jitu&sid=m3ljiLDaQCNrusGbAAGK
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiuX&sid=iTq19Prhofu3WRc6AAGI
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jivh&sid=swS8xiEhDtG-gjf9AAGL
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jj-N&sid=stFuRTmj5ftbqE5DAAGS
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jj4F
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jj7Q&sid=9Rq6Ygc2rb9B-I57AAGQ
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jj8A
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jj9d&sid=9Rq6Ygc2rb9B-I57AAGQ
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjAQ&sid=stFuRTmj5ftbqE5DAAGS
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjf7&sid=pO5oXSpuBhvYLR5JAAGU
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjlw
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjOM
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjpB
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjRm
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjrP&sid=m5eLqvGaL5jlyfljAAGX
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjtc&sid=m5eLqvGaL5jlyfljAAGX
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjvn&sid=ESW87syAJz_HNbs4AAGY
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjWP&sid=UOvZYge4fZlvJrXlAAGT
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjWS
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjXH&sid=pO5oXSpuBhvYLR5JAAGU
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjzw&sid=ESW87syAJz_HNbs4AAGY
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jk-P&sid=oicUGLWQ8zqxLYu-AAGq
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jk1n
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jk5w
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jk76
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkA6&sid=Q8zPnEbA7AqbE-AVAAGd
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkAG&sid=iyXeBUil7b3JLYcgAAGe
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkc5&sid=WJtHiW-DQZ1T3FzPAAGm
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkcQ&sid=G6_arwirWv6zE3sVAAGj
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkdp&sid=XDs4qc8WdSz1SZaYAAGk
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkDz&sid=Q8zPnEbA7AqbE-AVAAGd
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkE5
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkEH&sid=iyXeBUil7b3JLYcgAAGe
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jker
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkjU
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkL2&sid=AUBufidV7Xu2iZQYAAGh
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkLy&sid=AUBufidV7Xu2iZQYAAGh
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkOk
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkPL
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkQf
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkrA
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkV0&sid=WJtHiW-DQZ1T3FzPAAGm
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkW6&sid=G6_arwirWv6zE3sVAAGj
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkWP&sid=dZrCgW1RREDXBmEcAAGl
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkx6&sid=oicUGLWQ8zqxLYu-AAGq
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkXk&sid=XDs4qc8WdSz1SZaYAAGk
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jl0T
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jl3F&sid=1rzP5Fw3pWWcNjyYAAGs
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jl5K
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jl8f&sid=1rzP5Fw3pWWcNjyYAAGs
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jl8p&sid=tjMMZNG7r9vtvAiGAAGu
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlBO&sid=tjMMZNG7r9vtvAiGAAGu
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlcq&sid=_iMS3mwcdn5jXzvoAAGz
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlE2
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlfp&sid=_iMS3mwcdn5jXzvoAAGz
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlfv&sid=dZrCgW1RREDXBmEcAAGl
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlh8&sid=vD9Rp6fFpQO3CrNkAAG3
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlHY&sid=IVOPNp79ybKVX9w_AAGw
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jliN&sid=vD9Rp6fFpQO3CrNkAAG3
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlkA
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlkc&sid=smjCrULOSmnglxCZAAG5
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jllt&sid=smjCrULOSmnglxCZAAG5
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlni
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlqS&sid=1IPVMx647gC7hjOuAAG6
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlS2
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlsG&sid=FyM8yP4UNTckYf2NAAG8
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlSq&sid=IVOPNp79ybKVX9w_AAGw
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlv0&sid=1IPVMx647gC7hjOuAAG6
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlv1&sid=FyM8yP4UNTckYf2NAAG8
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlW7
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlZL&sid=ldeeeo_dBj2F-1qzAAGy
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jm6n&sid=ldeeeo_dBj2F-1qzAAGy
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jm9z
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmCV
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmD_&sid=6irGIzq91IslKF8kAAG_
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIn&sid=6irGIzq91IslKF8kAAG_
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 413 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIZ&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 32 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmOH&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 229 bytes.
Response Body - size: 1 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jdMl&sid=dzh6GFQ-5Hjqn77bAAFi
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jdwE&sid=x-rMJgmhW5uFvkBqAAFk
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jeQH&sid=UgvLTA13bnTNStDxAAFm
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jesZ&sid=X_LjqKUekVZEUm6jAAFo
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfMQ&sid=YVmN6z5-i-cLlfb0AAFq
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jfqr&sid=BwU6VebhjW2ZmTJLAAFs
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgbl&sid=C9pxj7667ak4ElDXAAFz
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgIp&sid=YQDCIc_vAs7s9UkwAAFu
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgLn&sid=jcmVO4dVXIT-3TOlAAFv
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgR5&sid=JEbLLwnIg3LjE956AAFw
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jgvh&sid=Fz9xG4f304vfPIFdAAF2
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhM_&sid=ircBqSGfF6i1eh4LAAF5
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhN2&sid=oRSDOYS87TVsdpS5AAF4
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhre&sid=rQ8n9bKhVoMnZzVqAAF8
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jhtz&sid=6md6cZPDbOTL8kA4AAF9
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiA-&sid=bzzlf42LCnuE8YRhAAGB
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiaT&sid=vr_XiVG0kWUfU3miAAGE
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiB4&sid=ICephQEqajXidCI9AAGA
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jibS&sid=LXi0b5zbD2uPF_1wAAGF
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jisi&sid=RQ3tx66nAHx-1T99AAGJ
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jitr&sid=m3ljiLDaQCNrusGbAAGK
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jiuV&sid=iTq19Prhofu3WRc6AAGI
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jivg&sid=swS8xiEhDtG-gjf9AAGL
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jj7O&sid=9Rq6Ygc2rb9B-I57AAGQ
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjAO&sid=stFuRTmj5ftbqE5DAAGS
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjrM&sid=m5eLqvGaL5jlyfljAAGX
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjvj&sid=ESW87syAJz_HNbs4AAGY
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjWO&sid=UOvZYge4fZlvJrXlAAGT
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jjXF&sid=pO5oXSpuBhvYLR5JAAGU
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkA3&sid=Q8zPnEbA7AqbE-AVAAGd
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkA6&sid=iyXeBUil7b3JLYcgAAGe
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkL1&sid=AUBufidV7Xu2iZQYAAGh
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkUx&sid=WJtHiW-DQZ1T3FzPAAGm
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkW4&sid=G6_arwirWv6zE3sVAAGj
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkWN&sid=dZrCgW1RREDXBmEcAAGl
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkx3&sid=oicUGLWQ8zqxLYu-AAGq
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jkXg&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jl3E&sid=1rzP5Fw3pWWcNjyYAAGs
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jl8n&sid=tjMMZNG7r9vtvAiGAAGu
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlco&sid=_iMS3mwcdn5jXzvoAAGz
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 1 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlh6&sid=vD9Rp6fFpQO3CrNkAAG3
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 449 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlHX&sid=IVOPNp79ybKVX9w_AAGw
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlka&sid=smjCrULOSmnglxCZAAG5
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlq7&sid=1IPVMx647gC7hjOuAAG6
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlsE&sid=FyM8yP4UNTckYf2NAAG8
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlZK&sid=ldeeeo_dBj2F-1qzAAGy
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 479 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmDz&sid=6irGIzq91IslKF8kAAG_
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 509 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter x-content-type-options
Attack
Evidence
Other Info This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Request Header - size: 428 bytes.
Request Body - size: 2 bytes.
Response Header - size: 213 bytes.
Response Body - size: 2 bytes.
Instances 191
Solution
Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages.

If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.
Reference http://msdn.microsoft.com/en-us/library/ie/gg622941%28v=vs.85%29.aspx
https://owasp.org/www-community/Security_Headers
Tags OWASP_2021_A05
OWASP_2017_A06
CWE Id 693
WASC Id 15
Plugin Id 10021
Informational
Information Disclosure - Suspicious Comments
Description
The response appears to contain suspicious comments which may help an attacker. Note: Matches made within script blocks or files are against the entire content not only comments.
URL http://83.212.109.249:3000/main.js
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: ""use strict";(self.webpackChunkfrontend=self.webpackChunkfrontend||[]).push([[179],{4550:(tt,K,c)=>{c.d(K,{e:()=>s});var k=c(234", see evidence field for the suspicious comment/snippet.
Request Header - size: 283 bytes.
Request Body - size: 0 bytes.
Response Header - size: 483 bytes.
Response Body - size: 491,853 bytes.
URL http://83.212.109.249:3000/vendor.js
Method GET
Parameter
Attack
Evidence query
Other Info The following pattern was used: \bQUERY\b and was detected in the element starting with: "(self.webpackChunkfrontend=self.webpackChunkfrontend||[]).push([[736],{9187:(At,ae,d)=>{"use strict";d.d(ae,{Xy:()=>X,ne:()=>Be,", see evidence field for the suspicious comment/snippet.
Request Header - size: 285 bytes.
Request Body - size: 0 bytes.
Response Header - size: 485 bytes.
Response Body - size: 1,421,052 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence db
Other Info The following pattern was used: \bDB\b and was detected 2 times, the first in the element starting with: "}catch(e){}O.set(a,b,c)}else c=void 0;return c}n.extend({hasData:function(a){return O.hasData(a)||N.hasData(a)},data:function(a,", see evidence field for the suspicious comment/snippet.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 918 bytes.
Response Body - size: 85,578 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence select
Other Info The following pattern was used: \bSELECT\b and was detected in the element starting with: "!function(a,b){"object"==typeof module&&"object"==typeof module.exports?module.exports=a.document?b(a,!0):function(a){if(!a.docu", see evidence field for the suspicious comment/snippet.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 918 bytes.
Response Body - size: 85,578 bytes.
Instances 4
Solution
Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.
Reference
Tags OWASP_2021_A01
WSTG-v42-INFO-05
OWASP_2017_A03
CWE Id 200
WASC Id 13
Plugin Id 10027
Informational
Modern Web Application
Description
The application appears to be a modern web application. If you need to explore it automatically then the Ajax Spider may well be more effective than the standard one.
URL http://83.212.109.249:3000
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 238 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 280 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/ftp/
Method GET
Parameter
Attack
Evidence <a href="">ftp</a>
Other Info Links have been found that do not have traditional href attributes, which is an indication that this is a modern web application.
Request Header - size: 295 bytes.
Request Body - size: 0 bytes.
Response Header - size: 338 bytes.
Response Body - size: 11,032 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 395 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 372 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/main.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/polyfills.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 379 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/runtime.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 377 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/styles.css
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 377 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/assets/public/vendor.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 376 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/fileServer.js:39:13
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 343 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/fileServer.js:55:18
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 343 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/main.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/polyfills.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 356 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/runtime.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 354 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/styles.css
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 354 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/build/routes/vendor.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 353 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 433 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 404 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/main.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 412 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/polyfills.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 417 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/runtime.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 415 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/styles.css
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 415 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/assets/public/vendor.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 414 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:280:10
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 349 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:286:9
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 357 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:328:13
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:365:14
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:376:14
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 349 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/index.js:421:3
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 357 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/layer.js:95:5
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 356 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/main.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 383 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/polyfills.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 388 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/runtime.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 386 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/styles.css
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 386 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/express/lib/router/vendor.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 385 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 419 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/favicon_js.ico
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 392 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/main.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 398 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/polyfills.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 403 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/runtime.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 401 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/styles.css
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 401 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/assets/public/vendor.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 400 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/index.js:145:39
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 351 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/main.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 371 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/polyfills.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 376 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/runtime.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/styles.css
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 374 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/juice-shop/node_modules/serve-index/vendor.js
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 373 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/sitemap.xml
Method GET
Parameter
Attack
Evidence <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js"></script>
Other Info No links have been found while there are scripts, which is an indication that this is a modern web application.
Request Header - size: 250 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
Instances 50
Solution
This is an informational alert and so no changes are required.
Reference
Tags
CWE Id
WASC Id
Plugin Id 10109
Informational
Retrieved from Cache
Description
The content was retrieved from a shared cache. If the response data is sensitive, personal or user-specific, this may result in sensitive information being leaked. In some cases, this may even result in a user gaining complete control of the session of another user, depending on the configuration of the caching components in use in their environment. This is primarily an issue where caching servers such as "proxy" caches are configured on the local network. This configuration is typically found in corporate or educational environments, for instance.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Age: 106168
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 903 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Age: 106172
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 893 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Age: 106174
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 897 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Age: 106176
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 895 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Age: 106178
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 899 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Age: 106180
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 897 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Age: 106182
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 901 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Age: 106185
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 905 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Age: 106187
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 895 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Age: 106191
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 897 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Age: 106195
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 895 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Age: 106196
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 899 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Age: 106197
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 901 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Method GET
Parameter
Attack
Evidence Age: 106200
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 901 bytes.
Response Body - size: 4,064 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Age: 2497339
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 914 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Age: 2497343
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 916 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Age: 2497345
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 912 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Age: 2497347
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 914 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Age: 2497349
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 922 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Age: 2497351
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 916 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Age: 2497353
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 918 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Age: 2497356
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 922 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Age: 2497358
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 914 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Age: 2497362
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 912 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Age: 2497366
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 918 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Age: 2497367
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 914 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Age: 2497368
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 918 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Method GET
Parameter
Attack
Evidence Age: 2497371
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 316 bytes.
Request Body - size: 0 bytes.
Response Header - size: 924 bytes.
Response Body - size: 20,808 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Age: 106168
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 918 bytes.
Response Body - size: 85,578 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Age: 106172
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 914 bytes.
Response Body - size: 85,578 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Age: 106174
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 918 bytes.
Response Body - size: 85,578 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Age: 106176
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 918 bytes.
Response Body - size: 85,578 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Age: 106178
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 922 bytes.
Response Body - size: 85,578 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Age: 106180
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 912 bytes.
Response Body - size: 85,578 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Age: 106182
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 916 bytes.
Response Body - size: 85,578 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Age: 106185
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 912 bytes.
Response Body - size: 85,578 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Age: 106187
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 920 bytes.
Response Body - size: 85,578 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Age: 106191
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 914 bytes.
Response Body - size: 85,578 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Age: 106195
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 916 bytes.
Response Body - size: 85,578 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Age: 106196
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 914 bytes.
Response Body - size: 85,578 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Age: 106197
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 920 bytes.
Response Body - size: 85,578 bytes.
URL http://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Method GET
Parameter
Attack
Evidence Age: 106200
Other Info The presence of the 'Age' header indicates that that a HTTP/1.1 compliant caching server is in use.
Request Header - size: 301 bytes.
Request Body - size: 0 bytes.
Response Header - size: 908 bytes.
Response Body - size: 85,578 bytes.
Instances 42
Solution
Validate that the response does not contain sensitive, personal or user-specific information. If it does, consider the use of the following HTTP response headers, to limit, or prevent the content being stored and retrieved from the cache by another user:

Cache-Control: no-cache, no-store, must-revalidate, private

Pragma: no-cache

Expires: 0

This configuration directs both HTTP 1.0 and HTTP 1.1 compliant caching servers to not store the response, and to not retrieve the response (without validation) from the cache, in response to a similar request.
Reference https://tools.ietf.org/html/rfc7234
https://tools.ietf.org/html/rfc7231
http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html (obsoleted by rfc7234)
Tags WSTG-v42-ATHN-06
CWE Id
WASC Id
Plugin Id 10050
Informational
User Agent Fuzzer
Description
Check for differences in response based on fuzzed User Agent (eg. mobile sites, access as a Search Engine Crawler). Compares the response statuscode and the hashcode of the response body with the original response.
URL http://83.212.109.249:3000/assets
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Other Info
Request Header - size: 221 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Other Info
Request Header - size: 221 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Other Info
Request Header - size: 221 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Other Info
Request Header - size: 233 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Other Info
Request Header - size: 299 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Other Info
Request Header - size: 286 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Other Info
Request Header - size: 249 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Other Info
Request Header - size: 243 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Other Info
Request Header - size: 254 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Other Info
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Other Info
Request Header - size: 312 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Other Info
Request Header - size: 217 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/i18n
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Other Info
Request Header - size: 284 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/i18n
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Other Info
Request Header - size: 284 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/i18n
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Other Info
Request Header - size: 284 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/i18n
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Other Info
Request Header - size: 296 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/i18n
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Other Info
Request Header - size: 362 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/i18n
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Other Info
Request Header - size: 349 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/i18n
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Other Info
Request Header - size: 312 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/i18n
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Other Info
Request Header - size: 306 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/i18n
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Other Info
Request Header - size: 317 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/i18n
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Other Info
Request Header - size: 370 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/i18n
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Other Info
Request Header - size: 375 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/i18n
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Other Info
Request Header - size: 280 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Other Info
Request Header - size: 228 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Other Info
Request Header - size: 228 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Other Info
Request Header - size: 228 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Other Info
Request Header - size: 240 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Other Info
Request Header - size: 306 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Other Info
Request Header - size: 293 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Other Info
Request Header - size: 256 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Other Info
Request Header - size: 250 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Other Info
Request Header - size: 261 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Other Info
Request Header - size: 314 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Other Info
Request Header - size: 319 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Other Info
Request Header - size: 224 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Other Info
Request Header - size: 285 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Other Info
Request Header - size: 285 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Other Info
Request Header - size: 285 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Other Info
Request Header - size: 297 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Other Info
Request Header - size: 363 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Other Info
Request Header - size: 350 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Other Info
Request Header - size: 313 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Other Info
Request Header - size: 307 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Other Info
Request Header - size: 318 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Other Info
Request Header - size: 371 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Other Info
Request Header - size: 376 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Other Info
Request Header - size: 281 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images/products
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Other Info
Request Header - size: 315 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images/products
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Other Info
Request Header - size: 315 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images/products
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Other Info
Request Header - size: 315 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images/products
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Other Info
Request Header - size: 327 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images/products
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Other Info
Request Header - size: 393 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images/products
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Other Info
Request Header - size: 380 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images/products
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Other Info
Request Header - size: 343 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images/products
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Other Info
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images/products
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Other Info
Request Header - size: 348 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images/products
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Other Info
Request Header - size: 401 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images/products
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Other Info
Request Header - size: 406 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/assets/public/images/products
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Other Info
Request Header - size: 311 bytes.
Request Body - size: 0 bytes.
Response Header - size: 466 bytes.
Response Body - size: 3,748 bytes.
URL http://83.212.109.249:3000/rest/captcha
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Other Info
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 48 bytes.
URL http://83.212.109.249:3000/rest/captcha
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Other Info
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 48 bytes.
URL http://83.212.109.249:3000/rest/captcha
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Other Info
Request Header - size: 336 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 48 bytes.
URL http://83.212.109.249:3000/rest/captcha
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Other Info
Request Header - size: 348 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 48 bytes.
URL http://83.212.109.249:3000/rest/captcha
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Other Info
Request Header - size: 414 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 48 bytes.
URL http://83.212.109.249:3000/rest/captcha
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Other Info
Request Header - size: 401 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 50 bytes.
URL http://83.212.109.249:3000/rest/captcha
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Other Info
Request Header - size: 364 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 49 bytes.
URL http://83.212.109.249:3000/rest/captcha
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Other Info
Request Header - size: 358 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 47 bytes.
URL http://83.212.109.249:3000/rest/captcha
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Other Info
Request Header - size: 369 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 48 bytes.
URL http://83.212.109.249:3000/rest/captcha
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Other Info
Request Header - size: 422 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 49 bytes.
URL http://83.212.109.249:3000/rest/captcha
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Other Info
Request Header - size: 427 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 50 bytes.
URL http://83.212.109.249:3000/rest/captcha
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Other Info
Request Header - size: 332 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 47 bytes.
URL http://83.212.109.249:3000/rest/captcha/
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Other Info
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 47 bytes.
URL http://83.212.109.249:3000/rest/captcha/
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Other Info
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 48 bytes.
URL http://83.212.109.249:3000/rest/captcha/
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Other Info
Request Header - size: 337 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 48 bytes.
URL http://83.212.109.249:3000/rest/captcha/
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Other Info
Request Header - size: 349 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 48 bytes.
URL http://83.212.109.249:3000/rest/captcha/
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Other Info
Request Header - size: 415 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 48 bytes.
URL http://83.212.109.249:3000/rest/captcha/
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Other Info
Request Header - size: 402 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 48 bytes.
URL http://83.212.109.249:3000/rest/captcha/
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Other Info
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 50 bytes.
URL http://83.212.109.249:3000/rest/captcha/
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Other Info
Request Header - size: 359 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 48 bytes.
URL http://83.212.109.249:3000/rest/captcha/
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Other Info
Request Header - size: 370 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 49 bytes.
URL http://83.212.109.249:3000/rest/captcha/
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Other Info
Request Header - size: 423 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 48 bytes.
URL http://83.212.109.249:3000/rest/captcha/
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Other Info
Request Header - size: 428 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 50 bytes.
URL http://83.212.109.249:3000/rest/captcha/
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Other Info
Request Header - size: 333 bytes.
Request Body - size: 0 bytes.
Response Header - size: 384 bytes.
Response Body - size: 47 bytes.
URL http://83.212.109.249:3000/rest/languages
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Other Info
Request Header - size: 287 bytes.
Request Body - size: 0 bytes.
Response Header - size: 388 bytes.
Response Body - size: 4,872 bytes.
URL http://83.212.109.249:3000/rest/languages
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Other Info
Request Header - size: 287 bytes.
Request Body - size: 0 bytes.
Response Header - size: 388 bytes.
Response Body - size: 4,872 bytes.
URL http://83.212.109.249:3000/rest/languages
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Other Info
Request Header - size: 299 bytes.
Request Body - size: 0 bytes.
Response Header - size: 388 bytes.
Response Body - size: 4,872 bytes.
URL http://83.212.109.249:3000/rest/languages
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Other Info
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 388 bytes.
Response Body - size: 4,872 bytes.
URL http://83.212.109.249:3000/rest/languages
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Other Info
Request Header - size: 352 bytes.
Request Body - size: 0 bytes.
Response Header - size: 388 bytes.
Response Body - size: 4,872 bytes.
URL http://83.212.109.249:3000/rest/languages
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Other Info
Request Header - size: 315 bytes.
Request Body - size: 0 bytes.
Response Header - size: 388 bytes.
Response Body - size: 4,872 bytes.
URL http://83.212.109.249:3000/rest/languages
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Other Info
Request Header - size: 309 bytes.
Request Body - size: 0 bytes.
Response Header - size: 388 bytes.
Response Body - size: 4,872 bytes.
URL http://83.212.109.249:3000/rest/languages
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Other Info
Request Header - size: 320 bytes.
Request Body - size: 0 bytes.
Response Header - size: 388 bytes.
Response Body - size: 4,872 bytes.
URL http://83.212.109.249:3000/rest/languages
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Other Info
Request Header - size: 373 bytes.
Request Body - size: 0 bytes.
Response Header - size: 388 bytes.
Response Body - size: 4,872 bytes.
URL http://83.212.109.249:3000/rest/languages
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Other Info
Request Header - size: 378 bytes.
Request Body - size: 0 bytes.
Response Header - size: 388 bytes.
Response Body - size: 4,872 bytes.
URL http://83.212.109.249:3000/rest/languages
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Other Info
Request Header - size: 283 bytes.
Request Body - size: 0 bytes.
Response Header - size: 388 bytes.
Response Body - size: 4,872 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmCV
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Other Info
Request Header - size: 287 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmCV
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Other Info
Request Header - size: 287 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmCV
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Other Info
Request Header - size: 287 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmCV
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Other Info
Request Header - size: 299 bytes.
Request Body - size: 0 bytes.
Response Header - size: 251 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmCV
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Other Info
Request Header - size: 365 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmCV
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Other Info
Request Header - size: 352 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmCV
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Other Info
Request Header - size: 315 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmCV
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Other Info
Request Header - size: 309 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmCV
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Other Info
Request Header - size: 320 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmCV
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Other Info
Request Header - size: 373 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmCV
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Other Info
Request Header - size: 378 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmCV
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Other Info
Request Header - size: 283 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 96 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmOH&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Other Info
Request Header - size: 312 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmOH&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Other Info
Request Header - size: 312 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmOH&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Other Info
Request Header - size: 312 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmOH&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Other Info
Request Header - size: 324 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmOH&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Other Info
Request Header - size: 390 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmOH&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Other Info
Request Header - size: 377 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmOH&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Other Info
Request Header - size: 340 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmOH&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Other Info
Request Header - size: 334 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmOH&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Other Info
Request Header - size: 345 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmOH&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Other Info
Request Header - size: 398 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmOH&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Other Info
Request Header - size: 403 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmOH&sid=0PnxBar0DV0ylvgqAAHA
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Other Info
Request Header - size: 308 bytes.
Request Body - size: 0 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Other Info
Request Header - size: 446 bytes.
Request Body - size: 0 bytes.
Response Header - size: 92 bytes.
Response Body - size: 18 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Other Info
Request Header - size: 446 bytes.
Request Body - size: 0 bytes.
Response Header - size: 92 bytes.
Response Body - size: 18 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Other Info
Request Header - size: 446 bytes.
Request Body - size: 0 bytes.
Response Header - size: 92 bytes.
Response Body - size: 18 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Other Info
Request Header - size: 458 bytes.
Request Body - size: 0 bytes.
Response Header - size: 92 bytes.
Response Body - size: 18 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Other Info
Request Header - size: 524 bytes.
Request Body - size: 0 bytes.
Response Header - size: 92 bytes.
Response Body - size: 18 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Other Info
Request Header - size: 511 bytes.
Request Body - size: 0 bytes.
Response Header - size: 92 bytes.
Response Body - size: 18 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Other Info
Request Header - size: 474 bytes.
Request Body - size: 0 bytes.
Response Header - size: 92 bytes.
Response Body - size: 18 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Other Info
Request Header - size: 468 bytes.
Request Body - size: 0 bytes.
Response Header - size: 92 bytes.
Response Body - size: 18 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Other Info
Request Header - size: 479 bytes.
Request Body - size: 0 bytes.
Response Header - size: 92 bytes.
Response Body - size: 18 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Other Info
Request Header - size: 532 bytes.
Request Body - size: 0 bytes.
Response Header - size: 92 bytes.
Response Body - size: 18 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Other Info
Request Header - size: 537 bytes.
Request Body - size: 0 bytes.
Response Header - size: 92 bytes.
Response Body - size: 18 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=websocket&sid=dzh6GFQ-5Hjqn77bAAFi
Method GET
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Other Info
Request Header - size: 442 bytes.
Request Body - size: 0 bytes.
Response Header - size: 92 bytes.
Response Body - size: 18 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Other Info
Request Header - size: 459 bytes.
Request Body - size: 1 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Other Info
Request Header - size: 459 bytes.
Request Body - size: 1 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Other Info
Request Header - size: 459 bytes.
Request Body - size: 1 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Other Info
Request Header - size: 471 bytes.
Request Body - size: 1 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Other Info
Request Header - size: 537 bytes.
Request Body - size: 1 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Other Info
Request Header - size: 524 bytes.
Request Body - size: 1 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Other Info
Request Header - size: 487 bytes.
Request Body - size: 1 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Other Info
Request Header - size: 481 bytes.
Request Body - size: 1 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Other Info
Request Header - size: 492 bytes.
Request Body - size: 1 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Other Info
Request Header - size: 545 bytes.
Request Body - size: 1 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Other Info
Request Header - size: 550 bytes.
Request Body - size: 1 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jlGq&sid=XDs4qc8WdSz1SZaYAAGk
Method POST
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Other Info
Request Header - size: 455 bytes.
Request Body - size: 1 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Evidence
Other Info
Request Header - size: 408 bytes.
Request Body - size: 2 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Evidence
Other Info
Request Header - size: 408 bytes.
Request Body - size: 2 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter Header User-Agent
Attack Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Evidence
Other Info
Request Header - size: 408 bytes.
Request Body - size: 2 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Trident/7.0; rv:11.0) like Gecko
Evidence
Other Info
Request Header - size: 420 bytes.
Request Body - size: 2 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3739.0 Safari/537.36 Edg/75.0.109.0
Evidence
Other Info
Request Header - size: 486 bytes.
Request Body - size: 2 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Evidence
Other Info
Request Header - size: 473 bytes.
Request Body - size: 2 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/91.0
Evidence
Other Info
Request Header - size: 436 bytes.
Request Body - size: 2 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
Evidence
Other Info
Request Header - size: 430 bytes.
Request Body - size: 2 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)
Evidence
Other Info
Request Header - size: 441 bytes.
Request Body - size: 2 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_2 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12A366 Safari/600.1.4
Evidence
Other Info
Request Header - size: 494 bytes.
Request Body - size: 2 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter Header User-Agent
Attack Mozilla/5.0 (iPhone; U; CPU iPhone OS 3_0 like Mac OS X; en-us) AppleWebKit/528.18 (KHTML, like Gecko) Version/4.0 Mobile/7A341 Safari/528.16
Evidence
Other Info
Request Header - size: 499 bytes.
Request Body - size: 2 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
URL http://83.212.109.249:3000/socket.io/?EIO=4&transport=polling&t=O_9jmIW&sid=0PnxBar0DV0ylvgqAAHA
Method POST
Parameter Header User-Agent
Attack msnbot/1.1 (+http://search.msn.com/msnbot.htm)
Evidence
Other Info
Request Header - size: 404 bytes.
Request Body - size: 2 bytes.
Response Header - size: 230 bytes.
Response Body - size: 41 bytes.
Instances 155
Solution
Reference https://owasp.org/wstg
Tags
CWE Id
WASC Id
Plugin Id 10104